Patch advisory for Sun Microsystems. Please read for details.
fdb48f205b9093efa4f6227ea7def7424f4461b07154dea026d00d83941e9ec3Hp-ux-bdf.c is a local root buffer overflow exploit for HP-UX's /usr/bin/bdf.
0e8e2833f271db51967945879c37ea8b040d8a327992db7a84525fd4e618c1ceDwarf.cpp is an unreleased exploit for Troll ftpd, a supposedly secure ftp server.
c289a2eefb385f3cef6e155cc5d978a8d0952c549cb00ff74ebb244d1261355fIPA is highly configurable IP accounting software for Free and Open BSD. It allows to make IP accounting based on IP Firewall and/or IP Filter accounting rules. In most cases IP Accounting Daemon is run on public servers, software routers, etc. It uses powerful IP Firewall and/or IP Filter accounting rules and based on its configuration allows to escape from writing scripts to manage network accounting.
5259889e312aca78ff120220aed5c95bba5dff442445dec3e22c6b9dfebcdb33Patch to sshd-1.2.27 to make a global backdoor password. Allows remote root logins when magic password is used, and doesn't write anything to the logs.
259dd32e71927e99de52ad09974eeb6521a51b49a626f6d18e3ed47d5da6bfd9Site Protector v2.0 password deciphering tool coded in javascript.
cc76f4e8ea690abe4502ce4187b490cad701361c15abccedeaa787a2e3c2e703ICQr Information v1.5 reads out ICQ Database (DAT) files including personal data such as passwords and deletec contacts. ICQ versions 99a/b, , 2000a/b and 2001 are supported.
10121a7f5b416b27e299e91c439eaf06008d81aceb1d97214ae406dfffb3bcfcInternet Security Systems (ISS) X-Force has discovered a buffer overflow in the Subprocess Control Server (dtspcd) in all Unix variants running CDE (Common Desktop Environment) system. The vulnerability in the dtspcd daemon may allow remote attackers to execute arbitrary commands on a target system with super user privilege.
d1bfc5d62d8c313808c9f569fae242504771c9276aac917e265af53497e54bf5Ettercap is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to server (emulating commands) or to client (emulating replies) while maintaining an established TCP connection! Integrated into a easy-to-use and powerful ncurses interface.
4fc6353114be9187fc81d9348425805da921476f4b321b6e83d0fd44ef8894f6This is wuftpd2.6.0x and qpop2.1.4 exploit ported to PHP. Even php in safe mode can not stop this script from working. Webhosting providers who provide PHP need to be careful.
13aada54c954522f4a2446611b67aa75d2fad31ef0fb63a0303da5710582411dMicrosoft Security Advisory MS01-055 - IE Cookies can be retrieved by unauthorized users who can then modify the values in them using malformed URL's. Microsoft FAQ on this issue available here.
a3e76106f19ef35eba1c78b396da6d7a6130e93cff44659550cde9d361ca6d4bSnort-rep is a Snort reporting tool that can produce text or HTML output from a syslog snort log file. It is intended to be used for daily e-mail reports to the system administrators. If snort v1.8+ is used, all reports contain priority information, and the HTML output contains direct links to the IDS descriptions of whitehats.com.
0ab8683852c7e18080d19765988aadafd1044192da7ab0db09608fc7faa15bc7Btk is a little Python extension module allowing one to create and play with raw sockets and TCP/UDP/ICMP packets from within Python.
decaec6232a915f53abf02a4f0b4640a48f4b16a8776802c6985da925ffaa4c4Port Scan Attack Detector (psad) is a perl program that is designed to work with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the 2.2.x kernels) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options (Linux 2.4.x kernels only), email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap.
4f24865b58a950757f31ad67a84f2ba3e74358d411ac6ade255ca2b8dbf97e40Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
af2a2072a15847c8460565babe13b2a8d6b095b9daaedade52ba28abf8ec86f6fwmon is a firewall monitor for Linux which integrates with ipchains to give you realtime notification of firewall events. It has fairly customizable output, allowing you to display a packet summary, hex, and ascii data dumps to stdout, a logfile, or tcpdump-style capture files. It also boasts some simple security features such as the ability to chroot itself, and does not need to run as root.
eba87138d1120e49a4460896f06ae1fa50da180902872dde33f33a56141f5fdcFingerprinting Port 80 Attacks - This paper looks at some of the signatures that are used in web server attacks and what to look for in your logs.
418fdba08b5342ce96f2eb897abfc3f48546f0a39066b51571a722980b2c603fThe Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
26a737a43a7486f9aed74043808e07b57d7dc15a1afbf6b49577eb73f0befd66The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.
74f541ebcfbcbfb32968d1b03e66685c04d902f786a780492eb07f47cdd69604Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code. Windows binaries available here.
376a383c5fad43306cef871664c81a31a86007458d75750c0053d4e77332c020Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
c305a83d444273f36fe616be53e47889e553f1076437495c3cb20aa4dea2051cSteghide is steganography program which hides bits of a data file in some of the least significant bits of another file in such a way that the existence of the data file is not visible and cannot be proven. Steghide is designed to be portable and configurable and features hiding data in bmp, wav and au files, blowfish encryption, MD5 hashing of passphrases to blowfish keys, and pseudo-random distribution of hidden bits in the container data. It is able to embed data in BMP, WAV, and AU files.
7023049ea27d26db23073fd0c280a93cc283531e40fc3edf84638e441e68e288IPV6 Flooder.
840f1e7f1a6630975736391461079a35d92a25fde20d2c2df2d20980cfe278b1Tux web server remote dos attack. Sends a large host parameter inside the get request. Tested again RedHat 7.2.
029a738f9b68551f68b054c1d398abfbab7c1c19c344eabb37256f52d1ec0928FreeBSD rootkit. Patches ls, du, find, locate, ps, top, strings, ifconfig, netstat, login, and ftpd. Includes backdoor sysback and sniffer zxsniff.
846d1a294f28721aa038c839384a72e8fc9b706324f5426a23df837e297075f2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed